Skills
skills/tyk-lab/my-ai-skill/file-organizer/Gen Agent Trust Hub

file-organizer

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill generates shell commands such as find, mv, mkdir, and du to analyze and modify the local filesystem. These operations are performed on user-specified paths, which could lead to command injection or directory traversal if pathnames are not handled with strict shell escaping by the agent.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from the filesystem. Ingestion points: The agent reads directory structures and filenames via ls and find. Boundary markers: No explicit delimiters are defined to separate file metadata from agent instructions. Capability inventory: The agent can move files, rename files, and create directories. Sanitization: No sanitization of filenames or paths is mentioned before processing.
  • [DATA_EXFILTRATION]: The skill performs deep inspection of files, including calculating MD5 hashes and identifying file types via the file command. While no network calls are present, this exposes a high level of metadata about the user's private data to the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 12:34 PM